> > Carolyn wrote: > >> > I think this summary is correct. I'm not sure that it is >> > worth any work on our part to prevent an admin from doing >> > something pointless, or to warn them about it - this just >> > gives us more code to test, translate, ... >> > I think we should prevent the admin from creating TLS Peer configuration that > does nothing. It's the same as not allowing Users with a blank User ID, or > Phone Groups with a blank Name. >
I don't think that it does nothing, and those analogies are flawed - it's not configuring a user with no name, it's configuring a user with no permissions. For example, some systems may require that connections to them be made with mutually authenticated TLS; in order to interoperate with them, a peer would be configured so that there is somewhere to insert the required certificate chain and to give it a name. You don't want to have to invent a dummy permission to give them just to be able to connect to them. _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
